Phishing

Phishing is a huge threat and growing more widespread every year. In 2021 Tessian* research found that employees receive an average of 14 malicious emails per year. CISCO’s 2021 Cybersecurity threat trends report suggests that at least one person clicked a phishing link in around 86% of organizations. The company’s data suggests that phishing accounts for around 90% of data breaches.

What is Phishing?

Phishing is often associated with emails sent to a user, sending them to a fake web site that mimics the look and feel of legitimate business website; often a bank, a credit card company or an online shop. It’s even been done to mimic airline booking sites.

However, the emailing is just the beginning of the phishing process. Phishing is a process that involves planning, setting up, attacking and collecting data, with the result being identity theft and fraud.

When a person enters information into a fake web site; for example, a company’s credit card details, name and address etc is now gathered by the attackers and may be used for several illegal activities online.

Often this involves simple online purchases and transactions made through different addresses, but in more serious cases it will involve identity theft and fraud.

Here are some ways to deal with the threat of phishing:

1. Security Awareness Training and Phishing Simulation Email Campaigns

To protect your business from phishing, CommSec managed IT security services provide you with anti-phishing hardware and software, which are designed to prevent phishing attacks because they can detect a fraudulent email or website even when users fail to do so. They protect your business by not allowing access to spurious emails and website links.

2. SOC as a Service

Our MSOC+ service is designed to give you the means to detect a phishing incident and sets out the processes for how we respond to the incident as fast as possible and to minimise the potential damage caused.

However, no IT security products are fool proof-user training and security awareness is still the best protection against phishing.

3. Advanced Email Solutions

Often Secure Email Gateways (SEGs) use filters to detect malicious or fake web domains as a first layer of protection from phishing. Some Email security solutions include functions like link checking and validation in sandboxes to avoid users being served with malicious urls contained inside emails but even these urls can be masked and redirected. New generation email security solutions are using AI and machine learning to spot what is a spoofing email and what is a legit email.

Source Tessian

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Monitored Security

Security Testing

Professional Services

Cyber Solutions

What is Phishing?

Here are some ways to deal with the threat of phishing:

1. Security Awareness Training and Phishing Simulation Email Campaigns

2. SOC as a Service

3. Advanced Email Solutions